Several wireless communications networks such as third generation (3G) networks and second generation (2G) networks, have already been installed for use, while fourth generation (4G) networks will soon be in place. As more networks are installed, cellular networks will contain a mix of both old 2G systems and the new 3G and 4G compatible systems. When users roam between various cellular networks, authentication across various networks presents several shortcomings.
For present day 3G mobile systems a mobile station does an end-to-end authentication with the 3G server in the mobile station's home domain to enable communication within the 3G wireless communication system. While performing the authentication, the mobile station uses a shared secret with the 3G server (the shared 3G secret) and generates one or more shared secret 3G keys. The secret 3G keys may be used to encrypt the communications of the mobile station. They may be used by the 3G server or may be made available by the 3G server to trusted proxies in the communication path between the mobile station and the 3G server. The 3G authentication, being end-to-end, mutual authentication can be established between the mobile station and the home system.
In contrast to the secure, end-to-end 3G authentication, for present day 2G mobile systems, the mobile stations send an authentication request to an intermediary switch, which is a part of the visited 2G network, and the switch informs the Home Location Register (HLR) of the mobile station in the mobile station's home domain. The mobile station and the HLR have a shared 2G secret. The switch of the visited 2G network requests 2G authentication parameters from the HLR, and the authentication is accomplished between mobile station and the switch of the visited 2G domain, rather than between the mobile station and its home domain. Only the acknowledgement of authentication is sent from the switch to the HLR. The 2G authentication is not end-to-end. For example, it occurs only between the mobile station and the switch that is currently serving the mobile station. Thus, if the mobile station roams into another 2G network, the authentication is between the mobile station and a switch in the other 2G network. The HLR in the home network plays a minimal role in authenticating the mobile station in the new 2G network. A 3G mobile station may from time to time want to operate in a 2G systems, where the 2G systems may belong to independent operators. In each such 2G system, the mobile station would need a HLR and a shared 2G secret with each HLR. The need of a separate shared 2G secret for each 2G network causes a provisioning issue with the mobile stations.
Hence there is a need for leveraging an established 3G authentication to obtain a 2G authentication.